Current version
Git/Latestdiff: 1.5.6
Latest Snapshots
Produced after each commit or rebase to new upstream version
GIT
RSBAC source code, can be unstable sometimes
No events planned
This shows you the differences between two versions of the page.
Next revision | Previous revision | ||
documentation:features [2006/01/11 11:40] kang created |
documentation:features [2007/05/27 12:49] 127.0.0.1 (old revision restored) |
||
---|---|---|---|
Line 5: | Line 5: | ||
//Currently non ordered, non complete list// | //Currently non ordered, non complete list// | ||
- | * Read-only mode (no attribute writing, for read-only filesystems) | + | * Read-only mode (no attribute writing, for testing) |
- | * Transactions support (policy changes are atomic) | + | * Transactions support (policy changes can be made atomically) |
* Generic list based attributes (objects attributes from all models are stored into hashed, generic lists) | * Generic list based attributes (objects attributes from all models are stored into hashed, generic lists) | ||
* In kernel user management (no more /etc/passwd) | * In kernel user management (no more /etc/passwd) | ||
* Network control support | * Network control support | ||
- | * Pseudonymous administration (for privacy concerns) | + | * Pseudonymous logging (for privacy concerns) |
* Extensive logging capabilities | * Extensive logging capabilities | ||
- | * Symlink redirection (symlinks can redirect by role, to another location) | + | * Symlink redirection (symlinks can redirect to another location by role, by uid, by security level or by remote address) |
- | * Can disable Linux DAC (be sure to convert them to RSBAC ACL first) | + | * Can disable Linux DAC (be sure to convert them with provided tool to RSBAC ACL first) |
* Secure delete (mandatory secure deletion per file, directory or whole filesystem) | * Secure delete (mandatory secure deletion per file, directory or whole filesystem) | ||
* Hide processes easily with a kernel option | * Hide processes easily with a kernel option | ||
* Freeze mode (no RSBAC setting can be changed until reboot) | * Freeze mode (no RSBAC setting can be changed until reboot) | ||
- | * Softmode (RSBAC running in non-enforcing mode) | + | * Softmode (RSBAC running in non-enforcing mode, can be disabled per single boot) |
* X11 Support | * X11 Support | ||
* Inherited attributes (easy administration) | * Inherited attributes (easy administration) | ||
* Fast, low overhead solution | * Fast, low overhead solution | ||
+ | * TTL, define certain accesses at certain dates/time only | ||
- | //You can find more information about modules by reading the [[documentation:different_models|different models]] document.// | + | //You can find more information about modules by reading the [[documentation:rsbac_handbook:security_models|security models]] document.// |
* Registration modules (security models can be easily added this way) | * Registration modules (security models can be easily added this way) |